최신 AZ-104 무료덤프 - Microsoft Azure Administrator
You plan to deploy several Azure virtual machines that will run Windows Server 2019 in a virtual machine scale set by using an Azure Resource Manager template.
You need to ensure that NGINX is available on all the virtual machines after they are deployed.
What should you use?
You need to ensure that NGINX is available on all the virtual machines after they are deployed.
What should you use?
정답: B
You have an Azure subscription that contains the resources shown in the following table.

The Not allowed resource types Azure policy that has policy enforcement enabled is assigned to RG1 and uses the following parameters:
Microsoft.Network/virtualNetworks
Microsoft.Compute/virtualMachines
In RG1, you need to create a new virtual machine named VM2 which is connected to VNET1.
What should you do first?

The Not allowed resource types Azure policy that has policy enforcement enabled is assigned to RG1 and uses the following parameters:
Microsoft.Network/virtualNetworks
Microsoft.Compute/virtualMachines
In RG1, you need to create a new virtual machine named VM2 which is connected to VNET1.
What should you do first?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)
Hotspot Question
You have an Azure App Service web app named app1.
You configure autoscaling as shown in following exhibit.

You configure the autoscale rule criteria as shown in the following exhibit.

Use the drop-down menus to select the answer choice that answers each question based on the information presented in the graphic. NOTE Each correct selection is worth one point.

You have an Azure App Service web app named app1.
You configure autoscaling as shown in following exhibit.

You configure the autoscale rule criteria as shown in the following exhibit.

Use the drop-down menus to select the answer choice that answers each question based on the information presented in the graphic. NOTE Each correct selection is worth one point.

정답:

Explanation:
Initial instance is 1 as specified in first figure.
80% for 15 minutes reaches 10 minutes duration, but haven't reached second turn of scale out, so only one new instance is created.
Since cool down time is 5 minutes, which means after one scale happens, it will count 5 minutes before counting a new 10 minutes, so 15 minutes total.
Hotspot Question
You have an Azure AD tenant that contains a user named External User.
External User authenticates to the tenant by using [email protected].
You need to ensure that External User authenticates to the tenant by using [email protected].
Which two settings should you configure from the Overview blade? To answer, select the appropriate settings in the answer area.
NOTE: Each correct answer is worth one point.

You have an Azure AD tenant that contains a user named External User.
External User authenticates to the tenant by using [email protected].
You need to ensure that External User authenticates to the tenant by using [email protected].
Which two settings should you configure from the Overview blade? To answer, select the appropriate settings in the answer area.
NOTE: Each correct answer is worth one point.

정답:

Explanation:
If the user wants to sign in using a different email:
- Select the Edit properties icon.
- Scroll to Email and type the new email.
- Next to Other emails, select Add email. Select Add, type the new email, and select Save.
- Select the Save button at the bottom of the page to save all changes
On the Overview tab, under My Feed, select the "Reset redemption" status link in the B2B collaboration tile.
https://learn.microsoft.com/en-us/azure/active-directory/external-identities/reset-redemption-status#use-the-microsoft-entra-admin-center-to-reset-redemption-status
Drag and Drop Question
Your company has an Azure subscription that includes a number of Azure virtual machines (VMs), which are all part of the same virtual network.
Your company also has an on-premises Hyper-V server that hosts a VM, named VM1, which must be replicated to Azure.
Which of the following objects that must be created to achieve this goal? Answer by dragging the correct option from the list to the answer area.

Your company has an Azure subscription that includes a number of Azure virtual machines (VMs), which are all part of the same virtual network.
Your company also has an on-premises Hyper-V server that hosts a VM, named VM1, which must be replicated to Azure.
Which of the following objects that must be created to achieve this goal? Answer by dragging the correct option from the list to the answer area.

정답:

Explanation:
For physical servers:
- Storage Account
- Azure Recovery Services Vault
- Replication policy
For Hyper-v server:
- Hyper-V site
- Azure Recovery Services Vault
- Replication policy
https://docs.microsoft.com/en-us/azure/site-recovery/physical-azure-disaster-recovery
https://docs.microsoft.com/en-nz/azure/site-recovery/hyper-v-prepare-on-premises-tutorial
Your on-premises network contains a VPN gateway.
You have an Azure subscription that contains the resources shown in the following table.

You need to ensure that all the traffic from VM1 to storage1 travels across the Microsoft backbone network.
What should you configure?
You have an Azure subscription that contains the resources shown in the following table.

You need to ensure that all the traffic from VM1 to storage1 travels across the Microsoft backbone network.
What should you configure?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
You plan to automate the deployment of a virtual machine scale set that uses the Windows Server Datacenter image.
You need to ensure that when the scale set virtual machines are provisioned, they have web server components installed.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
You need to ensure that when the scale set virtual machines are provisioned, they have web server components installed.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
정답: C,E
설명: (DumpTOP 회원만 볼 수 있음)
Case Study 5 - Contoso, Ltd
Overview
General Overview
Contoso, Ltd. is a consulting company that has a main office in Montreal and branch offices in Seattle and New York.
Environment
Existing Environment
Contoso has an Azure subscription named Sub1 that is linked to an Azure Active Directory (Azure AD) tenant. The network contains an on-premises Active Directory domain that syncs to the Azure AD tenant.
The Azure AD tenant contains the users shown in the following table.

Sub1 contains two resource groups named RG1 and RG2 and the virtual networks shown in the following table.

User1 manages the resources in RG1. User4 manages the resources in RG2.
Sub1 contains virtual machines that run Windows Server 2019 as shown in the following table

No network security groups (NSGs) are associated to the network interfaces or the subnets.
Sub1 contains the storage accounts shown in the following table.

Requirements
Planned Changes
Contoso plans to implement the following changes:
Create a blob container named container1 and a file share named share1 that will use the Cool

storage tier.
Create a storage account named storage5 and configure storage replication for the Blob

service.
Create an NSG named NSG1 that will have the custom inbound security rules shown in the

following table.

Associate NSG1 to the network interface of VM1.

Create an NSG named NSG2 that will have the custom outbound security rules shown in the

following table.

Associate NSG2 to VNET1/Subnet2.

Technical Requirements
Contoso must meet the following technical requirements:
Create container1 and share1.

Use the principle of least privilege.

Create an Azure AD security group named Group4.

Back up the Azure file shares and virtual machines by using Azure Backup.

Trigger an alert if VM1 or VM2 has less than 20 GB of free space on volume C.

Enable User1 to create Azure policy definitions and User2 to assign Azure policies to RG1.

Create an internal Basic Azure Load Balancer named LB1 and connect the load balancer to

VNET1/Subnet1
Enable flow logging for IP traffic from VM5 and retain the flow logs for a period of eight months.

Whenever possible, grant Group4 Azure role-based access control (Azure RBAC) read-only

permissions to the Azure file shares.
Hotspot Question
You need to create container1 and share1.
Which storage accounts should you use for each resource? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Overview
General Overview
Contoso, Ltd. is a consulting company that has a main office in Montreal and branch offices in Seattle and New York.
Environment
Existing Environment
Contoso has an Azure subscription named Sub1 that is linked to an Azure Active Directory (Azure AD) tenant. The network contains an on-premises Active Directory domain that syncs to the Azure AD tenant.
The Azure AD tenant contains the users shown in the following table.

Sub1 contains two resource groups named RG1 and RG2 and the virtual networks shown in the following table.

User1 manages the resources in RG1. User4 manages the resources in RG2.
Sub1 contains virtual machines that run Windows Server 2019 as shown in the following table

No network security groups (NSGs) are associated to the network interfaces or the subnets.
Sub1 contains the storage accounts shown in the following table.

Requirements
Planned Changes
Contoso plans to implement the following changes:
Create a blob container named container1 and a file share named share1 that will use the Cool

storage tier.
Create a storage account named storage5 and configure storage replication for the Blob

service.
Create an NSG named NSG1 that will have the custom inbound security rules shown in the

following table.

Associate NSG1 to the network interface of VM1.

Create an NSG named NSG2 that will have the custom outbound security rules shown in the

following table.

Associate NSG2 to VNET1/Subnet2.

Technical Requirements
Contoso must meet the following technical requirements:
Create container1 and share1.

Use the principle of least privilege.

Create an Azure AD security group named Group4.

Back up the Azure file shares and virtual machines by using Azure Backup.

Trigger an alert if VM1 or VM2 has less than 20 GB of free space on volume C.

Enable User1 to create Azure policy definitions and User2 to assign Azure policies to RG1.

Create an internal Basic Azure Load Balancer named LB1 and connect the load balancer to

VNET1/Subnet1
Enable flow logging for IP traffic from VM5 and retain the flow logs for a period of eight months.

Whenever possible, grant Group4 Azure role-based access control (Azure RBAC) read-only

permissions to the Azure file shares.
Hotspot Question
You need to create container1 and share1.
Which storage accounts should you use for each resource? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

정답:

Explanation:
Storage accounts that support tiering
Object storage data tiering between hot, cool, and archive is simply supported in Blob storage and GPv2 accounts. General Purpose v1 aka GPv1 accounts don't maintain tiering.
Box 1: storage2 and storage3 only
Box 2: storage2 only
Create a file share named share1 that will use the Cool storage tier - storage has to support file sharing and tiering.
You have an Azure subscription that contains the resources shown in the following table.

LB1 is configured as shown in the following table.

You plan to create new inbound NAT rules that meet the following requirements:
- Provide Remote Desktop access to VM1 from the internet by using port
3389.
- Provide Remote Desktop access to VM2 from the internet by using port
3389.
What should you create on LB1 before you can create the new inbound NAT rules?

LB1 is configured as shown in the following table.

You plan to create new inbound NAT rules that meet the following requirements:
- Provide Remote Desktop access to VM1 from the internet by using port
3389.
- Provide Remote Desktop access to VM2 from the internet by using port
3389.
What should you create on LB1 before you can create the new inbound NAT rules?
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
You plan to use the Azure Import/Export service to copy files to a storage account.
Which two files should you create before you prepare the drives for the import job? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
Which two files should you create before you prepare the drives for the import job? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
정답: C,D
설명: (DumpTOP 회원만 볼 수 있음)
Hotspot Question
You have an Azure Active Directory (Azure AD) tenant.
You need to create a conditional access policy that requires all users to use multi-factor authentication when they access the Azure portal.
Which three settings should you configure? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.

You have an Azure Active Directory (Azure AD) tenant.
You need to create a conditional access policy that requires all users to use multi-factor authentication when they access the Azure portal.
Which three settings should you configure? To answer, select the appropriate settings in the answer area.
NOTE: Each correct selection is worth one point.

정답:

Explanation:
- Select Users & Groups : Where you have to choose all users.
- Select Cloud apps or actions: to specify the Azure portal
- Grant: to grant the MFA.
Those are the minimum requirements to create MFA policy. No conditions are required in the question.
https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-access-policies
Hotspot Question
You have an Azure subscription that contains an Azure Storage account named storage1 and the users shown in the following table.

You plan to monitor storage1 and to configure email notifications for the signals shown in the following table.

You need to identify the minimum number of alert rules and action groups required for the planned monitoring.
How many alert rules and action groups should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

You have an Azure subscription that contains an Azure Storage account named storage1 and the users shown in the following table.

You plan to monitor storage1 and to configure email notifications for the signals shown in the following table.

You need to identify the minimum number of alert rules and action groups required for the planned monitoring.
How many alert rules and action groups should you identify? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

정답:

Explanation:
You can define only one activity log signal per alert rule. To alert on more signals, create another alert rule.
Box 1: 4
You need 1 alert rule per 1 signal (1xIngress, 1xEgress, 1xDelete storage account, 1xRestore blob ranges).
Box 2: 3
You need 3 Action Groups (1xUser1 and User3, 1xUser1 only, 1xUser1 User2 and User3). Check
'Users to notify' column.